diff options
Diffstat (limited to 'rt/lib/RT/ACL.pm')
-rwxr-xr-x | rt/lib/RT/ACL.pm | 329 |
1 files changed, 68 insertions, 261 deletions
diff --git a/rt/lib/RT/ACL.pm b/rt/lib/RT/ACL.pm index 444a4c2af..81f59c6d0 100755 --- a/rt/lib/RT/ACL.pm +++ b/rt/lib/RT/ACL.pm @@ -1,308 +1,115 @@ -# $Header: /home/cvs/cvsroot/freeside/rt/lib/RT/ACL.pm,v 1.1 2002-08-12 06:17:07 ivan Exp $ -# Distributed under the terms of the GNU GPL -# Copyright (c) 2000 Jesse Vincent <jesse@fsck.com> +# BEGIN LICENSE BLOCK +# +# Copyright (c) 1996-2003 Jesse Vincent <jesse@bestpractical.com> +# +# (Except where explictly superceded by other copyright notices) +# +# This work is made available to you under the terms of Version 2 of +# the GNU General Public License. A copy of that license should have +# been provided with this software, but in any event can be snarfed +# from www.gnu.org. +# +# This work is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# Unless otherwise specified, all modifications, corrections or +# extensions to this work which alter its source code become the +# property of Best Practical Solutions, LLC when submitted for +# inclusion in the work. +# +# +# END LICENSE BLOCK +# Autogenerated by DBIx::SearchBuilder factory (by <jesse@bestpractical.com>) +# WARNING: THIS FILE IS AUTOGENERATED. ALL CHANGES TO THIS FILE WILL BE LOST. +# +# !! DO NOT EDIT THIS FILE !! +# + +use strict; -=head1 NAME - RT::ACL - collection of RT ACE objects +=head1 NAME + RT::ACL -- Class Description + =head1 SYNOPSIS - use RT::ACL; -my $ACL = new RT::ACL($CurrentUser); + use RT::ACL =head1 DESCRIPTION =head1 METHODS -=begin testing - -ok(require RT::TestHarness); -ok(require RT::ACL); - -=end testing - =cut package RT::ACL; -use RT::EasySearch; -use RT::ACE; -@ISA= qw(RT::EasySearch); - -# {{{ sub _Init -sub _Init { - my $self = shift; - $self->{'table'} = "ACL"; - $self->{'primary_key'} = "id"; - return ( $self->SUPER::_Init(@_)); - -} -# }}} - -# {{{ sub NewItem -sub NewItem { - my $self = shift; - return(RT::ACE->new($self->CurrentUser)); -} -# }}} - -=head2 Next - -Hand out the next ACE that was found - -=cut - -# {{{ sub Next -sub Next { - my $self = shift; - - my $ACE = $self->SUPER::Next(); - if ((defined($ACE)) and (ref($ACE))) { - - if ( $ACE->CurrentUserHasRight('ShowACL') or - $ACE->CurrentUserHasRight('ModifyACL') - ) { - return($ACE); - } - - #If the user doesn't have the right to show this ACE - else { - return($self->Next()); - } - } - #if there never was any ACE - else { - return(undef); - } - -} -# }}} - - -=head1 Limit the ACL to a specific scope - -There are two real scopes right now: - -=item Queue is for rights that apply to a single queue - -=item System is for rights that apply to the System (rights that aren't queue related) - - -=head2 LimitToQueue - -Takes a single queueid as its argument. +use RT::SearchBuilder; +use RT::ACE; -Limit the ACL to just a given queue when supplied with an integer queue id. +use vars qw( @ISA ); +@ISA= qw(RT::SearchBuilder); -=cut -sub LimitToQueue { +sub _Init { my $self = shift; - my $queue = shift; - - - - $self->Limit( FIELD =>'RightScope', - ENTRYAGGREGATOR => 'OR', - VALUE => 'Queue'); - $self->Limit( FIELD =>'RightScope', - ENTRYAGGREGATOR => 'OR', - VALUE => 'Ticket'); - - $self->Limit(ENTRYAGGREGATOR => 'OR', - FIELD => 'RightAppliesTo', - VALUE => $queue ); - -} - - -=head2 LimitToSystem() - -Limit the ACL to system rights - -=cut - -sub LimitToSystem { - my $self = shift; - - $self->Limit( FIELD =>'RightScope', - VALUE => 'System'); -} - - -=head2 LimitRightTo - -Takes a single RightName as its only argument. -Limits the search to the right $right. -$right is a right listed in perldoc RT::ACE - -=cut - -sub LimitRightTo { - my $self = shift; - my $right = shift; - - $self->Limit(ENTRYAGGREGATOR => 'OR', - FIELD => 'RightName', - VALUE => $right ); - -} - -=head1 Limit to a specifc set of principals - -=head2 LimitPrincipalToUser - -Takes a single userid as its only argument. -Limit the ACL to a just a specific user. - -=cut - -sub LimitPrincipalToUser { - my $self = shift; - my $user = shift; - - $self->Limit(ENTRYAGGREGATOR => 'OR', - FIELD => 'PrincipalType', - VALUE => 'User' ); - - $self->Limit(ENTRYAGGREGATOR => 'OR', - FIELD => 'PrincipalId', - VALUE => $user ); - -} - + $self->{'table'} = 'ACL'; + $self->{'primary_key'} = 'id'; -=head2 LimitPrincipalToGroup - -Takes a single group as its only argument. -Limit the ACL to just a specific group. - -=cut - -sub LimitPrincipalToGroup { - my $self = shift; - my $group = shift; - - $self->Limit(ENTRYAGGREGATOR => 'OR', - FIELD => 'PrincipalType', - VALUE => 'Group' ); - - $self->Limit(ENTRYAGGREGATOR => 'OR', - FIELD => 'PrincipalId', - VALUE => $group ); + return ( $self->SUPER::_Init(@_) ); } -=head2 LimitPrincipalToType($type) -Takes a single argument, $type. -Limit the ACL to just a specific principal type +=item NewItem -$type is one of: - TicketOwner - TicketRequestor - TicketCc - TicketAdminCc - Everyone - User - Group +Returns an empty new RT::ACE item =cut -sub LimitPrincipalToType { - my $self=shift; - my $type=shift; - $self->Limit(ENTRYAGGREGATOR => 'OR', - FIELD => 'PrincipalType', - VALUE => $type ); +sub NewItem { + my $self = shift; + return(RT::ACE->new($self->CurrentUser)); } + eval "require RT::ACL_Overlay"; + if ($@ && $@ !~ qr{^Can't locate RT/ACL_Overlay.pm}) { + die $@; + }; -=head2 LimitPrincipalToId + eval "require RT::ACL_Vendor"; + if ($@ && $@ !~ qr{^Can't locate RT/ACL_Vendor.pm}) { + die $@; + }; -Takes a single argument, the numeric Id of the principal to limit this ACL to. Repeated calls to this -function will broaden the scope of the search to include all principals listed. - -=cut - -sub LimitPrincipalToId { - my $self = shift; - my $id = shift; - - if ($id =~ /^\d+$/) { - $self->Limit(ENTRYAGGREGATOR => 'OR', - FIELD => 'PrincipalId', - VALUE => $id ); - } - else { - $RT::Logger->warn($self."->LimitPrincipalToId called with '$id' as an id"); - return undef; - } -} + eval "require RT::ACL_Local"; + if ($@ && $@ !~ qr{^Can't locate RT/ACL_Local.pm}) { + die $@; + }; -#wrap around _DoSearch so that we can build the hash of returned -#values -sub _DoSearch { - my $self = shift; - # $RT::Logger->debug("Now in ".$self."->_DoSearch"); - my $return = $self->SUPER::_DoSearch(@_); - # $RT::Logger->debug("In $self ->_DoSearch. return from SUPER::_DoSearch was $return\n"); - $self->_BuildHash(); - return ($return); -} -#Build a hash of this ACL's entries. -sub _BuildHash { - my $self = shift; +=head1 SEE ALSO - while (my $entry = $self->Next) { - my $hashkey = $entry->RightScope . "-" . - $entry->RightAppliesTo . "-" . - $entry->RightName . "-" . - $entry->PrincipalId . "-" . - $entry->PrincipalType; +This class allows "overlay" methods to be placed +into the following files _Overlay is for a System overlay by the original author, +_Vendor is for 3rd-party vendor add-ons, while _Local is for site-local customizations. - $self->{'as_hash'}->{"$hashkey"} =1; +These overlay files can contain new subs or subs to replace existing subs in this module. - } -} +If you'll be working with perl 5.6.0 or greater, each of these files should begin with the line + no warnings qw(redefine); -# {{{ HasEntry +so that perl does not kick and scream when you redefine a subroutine or variable in your overlay. -=head2 HasEntry +RT::ACL_Overlay, RT::ACL_Vendor, RT::ACL_Local =cut -sub HasEntry { - - my $self = shift; - my %args = ( RightScope => undef, - RightAppliesTo => undef, - RightName => undef, - PrincipalId => undef, - PrincipalType => undef, - @_ ); - - #if we haven't done the search yet, do it now. - $self->_DoSearch(); - - if ($self->{'as_hash'}->{ $args{'RightScope'} . "-" . - $args{'RightAppliesTo'} . "-" . - $args{'RightName'} . "-" . - $args{'PrincipalId'} . "-" . - $args{'PrincipalType'} - } == 1) { - return(1); - } - else { - return(undef); - } -} -# }}} 1; |